Role of Law, Regulation & Public Policy in Information Sciences & Technology and Security & Risk Analysis
John W. Bagby
Professor of IST
Co-Dir. Inst. Info. Policy
What is the “Law of the Horse?”
• Generalism serves best by reducing search,
transactions, switching & opportunity costs
• Jump to define new fields risks ineptitude,
unjustified special exceptions
– Karl Llewellyn, parent of UCC, argued value in
specialized contract law for B2B & B2C
– Gerhard Casper, 80’s U.Chi.Law Sch dean proudly
denounced any Law of the Horse special topic
• Public policy set by insiders risks self-serving
complexity; set by newcomers risks unintended
consequences, waste, irrelevance
• Optimality requires pioneering & adaptation
Cyberlaw: another “Law of the Horse?”
• Rules for idiosyncratic transactions between amateurs?
– Frank H. Easterbrook, J. 7th Cir & U.Chi.L.Sch faculty
• Observation about new fields
– They must illuminate the entire law - not pander to dilettantes
(dabblers, connoisseurs)
• Netizen’s Utopian Declaration of Independence might
insulate Cyberspace from traditional social, political,
legal & regulatory controls
– Could Regulation stifle eCommerce?
• But should we pander to Cyber Libertarians?
– Traditional law too often fails to encourage or accommodate
technological development
– Lawrence Lessig (Stanford): “We see something when we think
about the regulation of cyberspace that other areas would not
show us.”
Biggest Challenge for Cyberlaw
• Adapt Existing Law vs. New Lawmaking
– Some existing law adapts well unchanged
– Rush to legislate will produce some bad laws (e.g.,
DMCA, CDA, DigSig, more?)
• Pamela Samuelson suggests a careful approach
1. Review first principles underlying traditional
regulation, many accommodate cyberspace
effectively without much adaptation
2. Exercise restraint: study, deliberate then confine new
law to reasonable & proportionate responses
3. Simple/minimal new law & technology neutral
SRA/IST Related Law & Public Policy
• Regulation & Litigation Processes
• eCommerce Transaction Process
– Jurisdiction
– Internet Taxation
• Intellectual Property
– Copyright
– Trade Secrets
• Database Protections
– Patents
– Trademark
• dns (a Merger?)
• Technology Transfer
– Employment Contracts
– Confidentiality
– ePmts
– eAgents
– eGovt
• Intelligent Transport
• Privacy
• Security
• Sectoral Regulations
– E.g., TeleCommunications
• Standards & Antitrust
– Network economics
What is Information Policy?
• The impact of public policy on information
creation, access, ownership and use
• Public Policy is exerted by …
– Government: through law, regulations, executive
power, courts
– NGO, SRO, trade associations, professional self-discipline
– Markets: by attraction or deterrence of capital, trade
practices
– Private contracts: private ordering, private regulation,
employee restrictions
Public Policy, Law & Regulation
• IST spans many cutting-edge policy issues
– Like in gaming environments today, the early cyber-libertarians demanded the Internet be exempt from
traditional law
– Cyberlaw history resoundingly rejected that demand
• IST public policy clustering of some traditional
areas of law
– Interesting additional areas dictated by social, political
& economic idiosyncrasies caused by new technology
– Therefore, special aggregation of traditional laws,
arguably becoming a law of the horse
Relevant Traditional Fields of Law
• Must adapt to Cyberspace & IT
– Constitutional law (e.g., bill of rights, due process, takings,
commerce clause, separation of powers, federalism, freedom of
contract),
– Litigation & dispute resolution (e.g., forensics, electronic and
traditional discovery, alternative dispute resolution, privileges, role
of scientific evidence in legislation, evidence admissibility),
– Legislation (e.g., lobbying, Congressional watchdog committees,
pluralist grassroots communities),
– Administrative law & regulatory process (policy development,
rulemaking, enforcement forensics, inter-agency cooperation/competition, dispute resolution),
– Intellectual property (IP)
– Corporate governance (corporation law, securities regulations,
disclosure, contracts, conflicts of interest),
– Commercial law (contracting, payments, property transfers,
technology transfer)
– Tort liability (reform & risk management, product & service
liability)
– Sovereign immunity
Intellectual Property Rights
• Copyrights
– Form of expression fixed in tangible medium, weak but
long protection
• Trade Secrets
– Information, valuable, security efforts, variable
protections
• Patents
– Invention (machine, manufacture, composition of
matter, process), strong but medium term protection
• Trademarks & Trade Dress
– Commercial symbol used in commerce, reduces
consumer search costs, identifies source
• Sui Generis Protections:
– Semiconductor chips, asexual plants, boat hull design,
designs, petty patents, databases, unfair competition
Traditional Contracting Models
• Information Exchange Model
– No actual contracting, ads
• Mutual Assent Model
– Offers, acceptances, counter-offers, revocations,
rejections, documentation
• Consideration Model
– Online interaction contingent on agreement to
terms of use, collection of private information
• Performance Model
– Electronic payments, commercial docs, eDelivery
eCommerce Business Models
1. Information Access & Warehousing
– e-Brochures, Ads, Info Capture for Resale, ad referrals
2. Ordering On-Line
3. e-Payment Systems
4. e-Delivery
– Information & Data
– Software
– Advice & other Services
• Combinations of these 4
Existing e-Commerce Successes
• Banking: Wire Transfer & EFT
• Securities: trading, execution, record keeping
• Health Care Records & Reimbursement
• Airline Reservations & e-Ticketing
• Telecommunications
• Television
• Book, CD, Video Sales: amazon.com
• On-Line Auctions
• Advertising
Jurisdiction & Internet Taxation
• Jurisdiction & Tax share power/authority of
a government to regulate/tax activities
• Due Process: state tax interstate business
• Sales & Use Tax if Nexus
– Internet Tax Freedom Act (access, bit)
• Complexity of taxation of eCommerce
– Differences: rates, base, exemptions, remitter
• Int’l taxation: collect EU’s VAT?
Telecommunications Regulation
• Federal Communications Commission & State/Local Regulators
• Licensing and Entry
• Structural Regulation (competition)
• Regulation of Rates
• Technology & Standards
eGovt
• Diffusion of Information Technology into
Government Activities
– Migrating transaction processes
– Compare/Contrast private sector eCom w/ eGovt
– Applications: military, terrorism, control
• ID Key Applications, Facilitate Further Diffusion:
– IRS, PTO, DOD, FTC, SEC, SAP (PA), DMVs, Public
Docs under FOIA/Open Records, eVidence in Litigation
– Nine Next Neediest: utilities, INS, national security,
transportation, insurance, professional licensure, public
safety, elections, cybercrime
An Ontology for Public Policy Scholarship in IST
• IT Governance
• Standardization
• IP Policy and Strategy
• Security and Privacy
• Electronic Commerce (eCommerce)
See: http://faculty.ist.psu.edu/bagby/
IT Governance
• “specifying the decision rights and accountability
framework to encourage desirable behavior in the
use of IT.”
• “the leadership and organizational structures and
processes that ensure that [IT serves strategic
objectives].”
• Corporate governance constraints; impact of law,
regulators, security & privacy standards; SOX;
Implemented through:
• technology transfer agreements
• private contracts
• employment restrictions
• IP constraints
• eCommerce commercial practice
Standardization
• Standards Development Activities (SDA)
– Expanding form of public policy development
• “Code is Law”
• Major foci: resolution of conflicts of interest
– Antitrust & IP
– International Aspects quickly Emerging
• EU through ISO & China
– Due Process & Fair Political Representation
• Balanced against participants’ domain expertise
IP Policy and Strategy
• Pervasive to nearly all IST scholarship streams
– artifacts, cooperative research, HCI, security, privacy,
search, dB, data mining, domain-related informatics,
cyber-infrastructure, GIS, enterprise systems
– See http://ist.psu.edu/facultyresearch/research/
• Copyright, trade secret, patent, trademark:
– IP Strategy & IP Reform
– IP rights valuation, IP rights assessment, IP audit
infringement risk analysis
• P2P, numerous urban legendary myths
– Open Source & Antitrust aspects of IP
– Software & BMPatents
Security and Privacy
• An Amalgam of:
– Criminal Law
– CyberForensics (EDD, ESI, ERM)
– Sectoral privacy regulations
• (e.g., privacy regulations in health, financial, online,
telecommunications, law enforcement, international
commerce, security breaches)
– IT governance
– Information Assurance
– Electronic Surveillance
– Money Laundering
– Social Network Analysis Mapping using Graph Theory
eCommerce
• Online & Electronic Contracting
• Ubiquitous EULAs
– Shrink, Click, Box & Browse Wrap Contracts
• Electronic Marketing & Auction Markets
• Electronic Payment Systems
• Financial Services IT Regulation
– Money Laundering…again
• Automated Transaction Processing
– AI, intelligent agents, electronic agents, ontologies &
expert systems in eCommerce
Some Instruction Interests
• Existing Courses:
– IST 432
– IST 452
– IST 453
– SRA 211
• Proposed New Courses:
– Critical Infrastructures
– Standardization
– Open Source
– Electronic Payment Architecture & Money Laundering
Research Methods Useful in Public Policy of IST
• Doctrinal Legal Research
• Public Policy Analysis
• Conceptual Analysis
• Model Building & Testing
• Artifact Design, Development & Testing
• Simulation
• Various Empirical Methods
Doctrinal Legal Research
• Combines Analytical Methods from Humanities,
Empirical Social/Natural Sciences, Public Policy
Analysis
• Evaluates Existing/Proposed Law for
Consistency, Validity, Authority & Impact (social,
political, economic)
– Constitutions, precedents, statutes, regs
• Influences cases, legislative history,
policymaking, other disciplines’ research design